Johnson & Johnson Careers

[존슨앤드존슨] Sr. Manager, Privacy Compliance Officer (Lawyer)

Yongsan-gu, South Korea
Legal (Non Attorney)

Job Description

Requisition ID: 1905724179W

Johnson & Johnson is the world's most comprehensive and broadly based healthcare Company, touching the lives of nearly a billion people every day. Our Family of Companies throughout the world compete in consumer, pharmaceutical, and medical devices and diagnostics markets and have the skills and resources to tackle the world's most pressing health issues.

- 포지션: Sr. Manager, Privacy Compliance Officer (Lawyer)
- 근무지: 서울시 용산구

- 근무형태: 정규직 (Regular)

The Cross-Sector Sr. Manager, Privacy Compliance Officer of Johnson & Johnson Family of Companies in South Korea is responsible for developing and implementing the privacy program for all J&J companies in South Korea, identifying privacy risks and developing, maintaining and implementing policies and procedures, training and controls to ensure Johnson & Johnson’s businesses are operating appropriately with regard to applicable privacy laws and regulations and J&J policies. This role includes coordination of all activities related to implementation of and adherence to Johnson & Johnson Privacy policies and applicable data protection laws, in accordance with the Johnson & Johnson Privacy Framework.

The position will also include the responsibility of the designated Chief Privacy Officer for Janssen South Korea.  

As Chief Privacy Officer for Janssen South Korea the position reports to a member of Managing board of Janssen South Korea. For the other companies in Korea, the cross sector Privacy Manager will liaise with and support and  work with the designated Chief Privacy Officers of these companies. The position will also have a dotted line reporting to the Global Privacy team.


Main responsibilities;

- Ensures compliance to Personal Information Protection Act (PIPA), Act on the Promotion of Information and Communications Network Utilization and Information Protection Act (“ICNA”), related laws and all applicable Johnson and Johnson privacy and data protection policies and procedures.

- Establishes and implements a personal information protection plan 

- Processes complaints and implements relief relating to personal information processing 

- Partner with Information Security Officer to establish internal control systems that prevents leakage, abuse, misuse of personal information and protects the confidentiality of personal information files.

- Establishes and implements training on personal information protection 

- Effectively aligns with key stakeholders in Operating Company to ensure that personal information processing activities of the company comply with Johnson & Johnson Privacy Principles and applicable Privacy laws and regulations

- Ensures local oversight of Privacy Compliance Programs. Advises executive and senior management team of their responsibilities and obligations and helps them develop a culture of compliance

- Identifies Privacy risks and issues. Advises all staff whose activities possibly put the company at risk and provides actionable solutions to remediate risks and issues 


Liaises with:

 - The designated Chief Privacy Officers of the companies in South Korea

 - Representatives from business process owners who collect or process personal information (including, as applicable, Human Resources, Clinical, Sales and Marketing, Customer Call Centres, Information Technology and Procurement)

 - Global Privacy Team

 - key functional partners, like

     a) the Law Department, to obtain legal advice when needed

     b) IT Security including organization’s Information Security Officer (ISO), to ensure adequate security and access controls on systems that process personal information and to partner on an adequate response to security incidents with a Privacy impact

     c) company’s responsible person for Records and Information Management, on issues pertaining to retention and purging of records that contain personal information

     d) Healthcare Compliance, to ensure a Privacy program that fits into the overall compliance program roll out for the company

     e) Corporate internal audit function to support the engagement and regularly assess the personal information processing and make improvements

  - Privacy regulator, in case of questions, inspections or data breaches

Key activities;

- Participates in company’s Compliance Committee or similar governance structure, to highlight Privacy risks and status of Privacy Compliance Program.

- Liaises with business process owners, to build understanding of Privacy risks related to their personal information processing activities and provides advice on how to mitigate these risks by embedding Privacy requirements into the design of business processes.

- Collaborates with IT on compliance assessments and Internet compliance review process.

- Plans and deploys a local Privacy Compliance Program, in terms of Policies and Procedures, Training and Communication, Testing and Monitoring, in accordance with the requirements of J&J’s global Privacy Framework. 

- Coordinates the roll out of Privacy training in accordance with agreed training plan of the company. Develops additional local training content and awareness programs among employees and contractors, when needed.

- Provides assistance to the Law Dept and Procurement, if needed, with regard to the review and recommendation of adequate Privacy language in contracts with third party service providers.

- Assists business process owners with privacy compliance self/risk assessments.

- Serves as first point of contact for internal and external audits and inspections, requests for access and correction of personal information or complaints against the organization.

- Manages company’s Privacy incident response process, in close collaboration with the company’s executive leadership, the Global Privacy Team, IT Security, Law Department and relevant business process owners. 

- Coordinates execution of resulting remediation action plans. 

- Makes required notifications and filings to Privacy regulator (if applicable).

- Builds and maintains knowledge about applicable laws and regulations and assesses impact of changes in laws to Privacy program. 

- Actively engages with the Global Privacy Team and participates in its information sessions, to ensure maximal alignment with global standards and practices.


- Familiarity with the healthcare industry and its business processes; in industry, preferably health care industry

- Functional understanding of applicable Privacy laws and regulations

- Significant experience with the roll out of (privacy) compliance programs and their management

- Ability to maintain the highest standards of quality, compliance and accountability when advising the business

- Demonstrable ability to engage with a range of business units and functions and uncover their objectives and needs

- Ability to translate a wide variety of principles and, sometimes complex, legal requirements into actionable solutions for the business

- Excellent organizational, facilitation, communication and presentation skills

- Global mindset and preparedness to incorporate global standards and practices, for consistency and efficiency reasons 

- Ability to work autonomously

[지원 방법] -> Requisition number 
1905724179W 검색 -> 해당 모집 공고의 “Apply Now” 클릭 온라인 지원 프로세스 진행

[제출 서류]

영문 자유 양식의 이력서&자기소개서


[서류 마감일] 
채용시 마감


[For more Johnson & Johnson]

- J&J Korea Facebook:

- J&J Korea Linkedin:

좋아요” & “팔로우” - 존슨앤드존슨 오픈 포지션 다양한 소식들을 페이스북, 링크드인 페이지 통해 만나 보시기 바랍니다.  

- 서류를 MS-Word PDF 개의 파일로 미리 준비하시기 바랍니다.
- 서류 전형 합격자에 한하여 개별 통보합니다. , 회사 사정에 따라 지연될 있습니다. 

- 모집 분야 관련하여 자세한 내용은 J&J 홈페이지에서 확인하시기 바랍니다.

see above
Primary Location
South Korea-Seoul-Yongsan-gu-
Janssen Korea, Ltd. (7220)
Job Function
Legal (Non Attorney)
Requisition ID